hChain 4.0: A Secure and Scalable Permissioned Blockchain for EHR Management in Smart Healthcare
Musharraf N. Alruwaill, Saraju P. Mohanty, Elias Kougianos
TL;DR
This paper tackles the challenge of secure, scalable EHR management in IoMT-enabled smart healthcare by introducing hChain 4.0, a permissioned blockchain that combines ABAC-based access control, AES-256 encryption, and Partial Homomorphic Encryption to protect privacy while enabling analytics on encrypted data. It leverages private channels and Raft consensus within Hyperledger Fabric to achieve high throughput (about 483 TPS) and cost efficiency, addressing the limitations of public blockchains in healthcare settings. The authors detail architectural design, chaincode functions for EHR creation, sharing, and approval, and provide empirical validation through performance and security analyses, demonstrating robust data confidentiality and resilience against common attacks. The work aims to empower multi-institutional collaboration and anonymized research sharing without exposing sensitive patient data, potentially transforming EHR interoperability and clinical research in real-time healthcare environments. Overall, hChain 4.0 offers a practical, privacy-preserving, scalable solution for secure EHR management in modern healthcare ecosystems with clear paths for future UI improvements and scalability enhancements.
Abstract
The growing utilization of Internet of Medical Things (IoMT) devices, including smartwatches and wearable medical devices, has facilitated real-time health monitoring and data analysis to enhance healthcare outcomes. These gadgets necessitate improved security measures to safeguard sensitive health data while tackling scalability issues in real-time settings. The proposed system, hChain 4.0, employs a permissioned blockchain to provide a secure and scalable data infrastructure designed to fulfill these needs. This stands in contrast to conventional systems, which are vulnerable to security flaws or rely on public blockchains, constrained by scalability and expense. The proposed approach introduces a high-privacy method in which health data are encrypted using the Advanced Encryption Standard (AES) for time-efficient encryption, combined with Partial Homomorphic Encryption (PHE) to enable secure computations on encrypted data, thereby enhancing privacy. Moreover, it utilizes private channels that enable isolated communication and ledger between stakeholders, ensuring robust privacy while supporting collaborative operations. The proposed framework enables anonymized health data sharing for medical research by pseudonymizing patient identity. Additionally, hChain 4.0 incorporates Attribute-Based Access Control (ABAC) to provide secure electronic health record (EHR) sharing among authorized parties, where ABAC ensures fine-grained permission management vital for multi-organizational healthcare settings. Experimental assessments indicate that the proposed approach achieves higher scalability, cost-effectiveness, and validated security.